Thanks, Theresa -- I looked further and found a link on The Register to a PDF posted by the company whose anti-malware software detected the problem:
http://www.m86security.com/documents/pdfs/security_labs/cybercriminals_target_online_banking.pdf [Impossible to detect? - the report says three products were able to detect the malware!] Interesting report. The exploit wasn't directed at an OS, but at browsers, by replacing the bank's JavaScript with the exploiter's JS. PDF says it worked in browsers (Exploder, Firefox, or Safari) or applications (Java, Flash, or PDF). The exploiter can choose from multiple tools to publish the exploit. My previous note included a link to descriptions of pricing for exploit tools. --Don Ellis On Thu, Aug 12, 2010 at 10:00 AM, Theresa Kehoe <[email protected]> wrote: > On Thu, 2010-08-12 at 09:16 -0500, Don Ellis wrote: > > Theresa, > > > > > > I wish you had included a link to the Register article (linked from > > the Register front page): > > > Don, you're right and I should have ... in my defense, I was exhausted > from hours of working outside in 112+ heat indices, while gathering > donated computers from Wash U and delivering them to ByteWORKS. Broiled > m'brain, I think, at least what little brain I have. > > I get annoyed, yes at Scott for his fanboi enthusiasm ("Guess which > OS?"), but more for passing on such a ridiculously un-researched article > without doing any credibility checking. It's like the idiotic "OMG if > you read this you will die in 5 days unless you forward this message on > 20 times" garbage that people blindly forward, without checking its > veracity (a la Snopes) or otherwise doing any sanity checks. > > Since you *did* read the Reg article, you pointed out that it is > evidently NOT worldwide (UK-wide, surely, but I thought only us Yanks > were arrogant enough to think we *are* the world ... "World Series", > anyone?). In fact, it seems to be one specific bank within that one > specific country, and they're currently keeping schtum on which bank > that is. > > So, Scott, sorry for calling a spade a spade, but if you are not a Mac > FanBoi, then I'll eat my hat. Please be more responsible before > spreading FUD. And if you are going to ask "Guess which OS?", then > don't be surprised when the answer is "Windows AND MAC". > > And Don, next time I'll try not to PWE (Post While Exhausted), and if I > do, I'll send supporting links. > > Theresa > > -- Central West End Linux Users Group (via Google Groups) Main page: http://www.cwelug.org To post: [email protected] To subscribe: [email protected] To unsubscribe: [email protected] More options: http://groups.google.com/group/cwelug
